- Timestamp: Jun 9, 2011, 5:32:44 PM
- Author: waue
- Comment:
Legend:
- Unmodified
- Added
- Removed
- Modified
| v20 | v21 | |
| 80 | 80 | = !IntegrateAlert = |
| 81 | 81 | |
| | 82 | |
| 82 | 83 | == map output == |
| 83 | 84 | {{{ |
| … |
… |
|
| 93 | 94 | }}} |
| 94 | 95 | |
| | 96 | |
| | 97 | ||0 攻擊者ip -> 目標ip ||1 嚴重性(1~3, 1最嚴重) ||2 開始日期_時間點~結束日期_時間點 ||3 [分類資訊,...] ||4 [sig_id,...] ||5 [攻擊說明1,攻擊說明2,...] ||6 [目標port1,目標port2, ...] ||7 [偵測裝置編號,...] ||8 "整合總筆數"-"整合分類筆數"-"整合sig_id編號筆數" || |
| | 98 | |
| 95 | 99 | == sample == |
| 96 | 100 | |
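Review bot: the output-format row added at line 97 does not say what separates the nine fields in an actual output line, and it packs several values into single fields: field 0 joins attacker and target with `->`, field 2 joins two timestamps with `~`, and field 8 joins three counts with `-` inside quotes. Because the attacker/target values elsewhere on this page are sometimes hostnames rather than IPs (see the DotGraph edges further down), a consumer that splits on `-` or `.` will misparse; document the field delimiter here and consider emitting attacker, target, start time, end time and the three counts as separate fields so the database import mentioned at line 147 does not have to re-split them.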
| … |
… |
|
| 116 | 120 | }}} |
| 117 | 121 | |
| | 122 | = DotGraph = |
| | 123 | |
| | 124 | {{{ |
| | 125 | digraph G { size ="8,0"; node[style=filled,peripheries=2,color="lightskyblue"]; |
| | 126 | {"140.113.130.221"}->{"0.0.0.0"}[color=red, label="NIDS \n \n[FTP: Format String in Command]"]; |
| | 127 | {"140.113.130.221"}->{"phe96.sro.nchc.org.tw"}[color=red, label="NIDS \n \n[FTP: Format String in Command]"]; |
| | 128 | {"168.150.177.164"}->{"239.255.255.250"}[color=red, label="NIDS \n \n[SCAN UPnP service discover attempt ]"]; |
| | 129 | {"168.150.177.165"}->{"168.150.177.166"}[color=red, label="NIDS \n \n[NETBIOS SMB IPC$ unicode share access ]"]; |
| | 130 | {"168.95.1.1"}->{"140.110.104.84"}[color=red, label="NIDS \n \n[UDP PORT SCAN]"]; |
| | 131 | {"60.173.26.116"}->{"140.110.127.253"}[color=red, label="NIDS \n \n[TCP SYN]"]; |
| | 132 | } |
| | 133 | }}} |
| | 134 | |
| | 135 | |
| | 136 | |
| | 137 | = 試算結果 = |
| | 138 | |
| | 139 | == 06/09 == |
| | 140 | |
| | 141 | * 其中 snort 警訊 1081 筆,idp8200 警訊 1000 筆, nk7admin 警訊 1000 筆,共 3081 筆資訊 |
| | 142 | |
| | 143 | * 整合後得 654 筆輸出結果,以及一張攻擊圖, |
| | 144 | |
| | 145 | * 運算時間為 34 秒 |
| | 146 | |
| | 147 | * 之後會將輸出結果導入資料庫,並且最佳化攻擊圖。 |
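Review bot: in the DotGraph block (lines 125-131) every edge is drawn with `color=red` regardless of the severity field (1~3) defined in the output format at line 97, so the graph cannot distinguish a severity-1 alert from a severity-3 one; map severity to edge colour or `penwidth` when generating the DOT, for example `[color=red, penwidth=3, label="..."]` for severity 1. The same block publishes what look like real internal addresses and a hostname (`140.113.130.221`, `phe96.sro.nchc.org.tw`) on a wiki page; mask them or substitute documentation addresses before committing example graphs. The label `[SCAN UPnP service discover attempt ]` also keeps a trailing space before `]`, which suggests the signature text is not trimmed before being embedded. In the results list (試算結果, lines 141-145), idp8200 and nk7admin each contribute exactly 1000 alerts, which reads like a query limit rather than a full day's data; state whether these are capped samples, and record the cluster size next to the 34-second run time so the figure is reproducible.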